Data structures for key management

ABSTRACT

A method for deleting a set of keys from a storage server is provided. The method includes generating a probabilistic data structure for a first set of keys and for each key in a second set of keys, determining whether a key of the second set of keys is found in the probabilistic data structure. The method includes identifying the key as a candidate for deletion if the key is not found in the probabilistic data structure. A system is also provided.

BACKGROUND

Data storage systems store and manage large amounts of data. Keys areused in some data storage systems, pointing to, referencing, or inassociation with data, to make handling and keeping track of data moremanageable and efficient. There may be large numbers of keys, duplicatekeys, and/or keys with differing functions and usages in single ormultiple locations, for example within differing servers, in a storagesystem. Communication regarding keys, and management of large numbers ofkeys, could consume a large amount of communication bandwidth andcomputing resources, diminishing the efficiency gains brought about bythe use of keys. Recovery of storage memory and other system resourcesmay be delayed, or performed at lowered efficiency when one part of astorage system is not aware that another part of the storage systemmaintains deleted keys.

It is within this context that the embodiments arise.

SUMMARY

In some embodiments, a method for deleting a set of keys from a storageserver is provided. The method includes generating a probabilistic datastructure for a first set of keys and for each key in a second set ofkeys, determining whether a key of the second set of keys is found inthe probabilistic data structure. The method includes identifying thekey as a candidate for deletion if the key is not found in theprobabilistic data structure.

In some embodiments, a storage system is provided. The system includesmemory, configured to hold data and metadata, including keys thatidentify data and keys associated with data and one or more processors,configured to perform actions. The actions include storing data,metadata, the keys associated with data, and the keys that identify datain the memory and deleting one or more of the keys that identify data,when no longer needed. The method includes producing a probabilisticdata structure based on a first set of the keys, the probabilistic datastructure configured to determine whether a key tested with theprobabilistic data structure is a member of the first set of keys. Forkeys in a second set of keys stored in the storage system, the actionsinclude determining whether a key of the second set of keys is found inthe probabilistic data structure and identifying a key from the secondset of keys as a candidate for deletion responsive to the determiningfinding that the key is not a member of the first set of keys.

In some embodiments, a storage system is provided. The system includesmemory and one or more processors, configured to store, in the memory,data, metadata, keys associated with one of the data and the metadataand further configured to delete one or more of the keys. The systemincludes a data structure generator configured to derive a probabilisticdata structure from a first set of keys that identify data such that theprobabilistic data structure declares, for a query for a key, what thelikelihood of membership of the key is in the first set of keys. Thesystem includes a key query engine configured to query for each key in asecond set of keys using the probabilistic data structure derived fromthe first set of keys and a resource recovery engine configured toidentify as candidates for deletion a subset of keys from the second setof keys, responsive to results of the key query engine indicating eachkey of the subset of keys is definitely not a member of the first set ofkeys.

Other aspects and advantages of the embodiments will become apparentfrom the following detailed description taken in conjunction with theaccompanying drawings which illustrate, by way of example, theprinciples of the described embodiments.

BRIEF DESCRIPTION OF THE DRAWINGS

The described embodiments and the advantages thereof may best beunderstood by reference to the following description taken inconjunction with the accompanying drawings. These drawings in no waylimit any changes in form and detail that may be made to the describedembodiments by one skilled in the art without departing from the spiritand scope of the described embodiments.

FIG. 1 is a system diagram of a storage system that generates and usesprobabilistic data structures for deletion of keys, in accordance withsome embodiments of the present disclosure.

FIG. 2 is an action diagram showing operation of the probabilistic datastructure generator of FIG. 1 , and distribution of probabilistic datastructures in accordance with some embodiments.

FIG. 3 is an action diagram showing operation of the key testing moduleof FIG. 1 , determining whether to keep or discard keys based on testingthe keys with a probabilistic data structure in accordance with someembodiments.

FIG. 4 depicts a probabilistic data structure merger in accordance withsome embodiments.

FIG. 5 is an action diagram showing operation of key selectors filteringkeys for the probabilistic data structure generator, and filtering keysfor the key testing module in accordance with some embodiments.

FIG. 6 is an action diagram showing keys as candidates for discarding,with a decision for discarding, postponement, or not discarding inaccordance with some embodiments.

FIG. 7 is a flow diagram of a method for deleting keys from a storagesystem, using a probabilistic data structure in accordance with someembodiments.

FIG. 8 is an illustration showing an exemplary computing device whichmay implement the embodiments described herein.

DETAILED DESCRIPTION

A storage system as disclosed herein uses probabilistic data structuresfor the management of keys. In various operations, the storage systemcreates keys, manages keys, and deletes keys. To communicate in acompact manner regarding existence or nonexistence of keys in one partof the system, so that other parts of the system can delete unneededkeys, and recover storage memory and other system resources, the systemgenerates probabilistic data structures. Storage servers or nodes in thestorage system can test keys, using a probabilistic data structure, todetermine whether a key is a candidate for deletion. In someembodiments, a key selector is applied to filter a set of keys prior tothe generation of a probabilistic data structure, and a key selector isapplied to filter another set of keys prior to the testing of keys.Probabilistic data structures can be merged in some embodiments.Discarding of keys can be postponed, pending system conditions.Components or modules for probabilistic data structures can be locatedin various parts of the storage system, such as in one or more metadataservers or one or more storage servers, or elsewhere in the system.

FIG. 1 is a system diagram of a storage system 102 that generates anduses probabilistic data structures for deletion of keys 112, inaccordance with an embodiment. Keys 112 are used in one or more metadataservers 104, to identify data 128. Further keys 112 are used in one ormore storage servers 106, in association with data 128 in storage memory126. It should be appreciated that, although embodiments are describedherein in specific ways keys 112 are used and associated with data 128in embodiments of the storage system 102, the teachings regarding use ofprobabilistic data structures are readily generalized to further uses ofkeys 112 in various storage systems and elsewhere. That is, theembodiments may be extended to any system utilizing or managing keys asdescribed herein. In addition, these teachings are applicable tometadata servers 104 and storage servers 106, whether implemented aslogical constructs (e.g., in software executing on hardware), firmware,hardware, or combinations thereof.

The storage system 102 has keys 112, which identify files or other data128, on a metadata server 104. It should be appreciated that over timepreviously valid keys 112 can be deleted from the metadata server 104.At various points in time, one or more storage servers 106 should benotified, so that the storage server(s) 106 can delete keys 112 that areno longer valid on the metadata server 104 and release resourcesassociated with those keys 112. The storage system 112 accomplishes thistask efficiently, with the use of probabilistic data structures, such asa Bloom filter in one embodiment. In other embodiments, probabilisticdata structures other than a Bloom filter such as a HyperLogLog,count-min sketch, skip lists, etc. may be utilized with the embodimentsdescribed below.

The storage system 102 inserts a valid set of keys into a probabilisticdata structure, and sends the probabilistic data structure (e.g., afilter) to one or more storage servers 106. A storage server 106receiving such a probabilistic data structure is then able to analyzethe set of keys 112 that the storage server 106 is presently storing,and deleting or considering for deletion any key 112 not found in theprobabilistic data structure. This approach deletes keys 112 from thestorage server 106 that are not present on the original metadata server104, although some keys not present on the original metadata server 104might survive on a storage server 106 as a result of collisions (falsepositives) in the probabilistic data structure.

The storage system 102 has one or more processors 116, which could bedistributed through or employed by one or more metadata servers 104and/or one or more storage servers 106. One or more probabilistic datastructure generators 118, described in more detail below with referenceto FIG. 2 , could be in one or more metadata servers 104, in one or morestorage servers 106 and/or elsewhere in the storage system 102. Someembodiments have one or more key selectors 120, which are furtherdescribed below with reference to FIG. 5 . One or more key testingmodules 122, described below with reference to FIG. 3 , could reside inone or more storage servers 106 or elsewhere in the storage system 102.In the example shown in FIG. 1 , the metadata server(s) 104 have asnapshots repository 108, which is used for snapshots 110 of data 128 asstored in the storage server(s) 106. Each snapshot has multiple keys112, each associated with a respective data identifier 114. A snapshotthus points to various data 128 in storage memory 126 of storageserver(s) 106, using keys 112 and associated data identifiers 114. In avariation, the metadata server(s) 104 could use keys 112 and dataidentifiers 114 for backup images. Other uses of keys 112 in metadataserver(s) 104 are readily devised as FIG. 1 is meant to be one exampleand not limiting.

Still referring to FIG. 1 , the storage server(s) 106 store keys 112 ina key repository 124. Each key 112 is associated with data 128 in thestorage memory 126 of the storage server(s) 106. For example, whenstoring a particular piece of data 128, a storage server 106 could storethe data 128 in storage memory 126 and store an associated key 112 inthe key repository 124. In various embodiments, a key repository 124could be common across multiple storage servers 106, or each storageserver 106 could have a key repository 124. Storage memory 126 could becentralized or distributed across storage servers 106, and data could bestored with or without encryption, with or without error correctioncode, or redundancy, etc. In some embodiments, the key repository 124 isin the storage memory 126.

In one operating scenario, the storage system 102 stores data 128 in thestorage server(s) 106 (i.e., in the storage memory 126), and takessnapshots 110, which the metadata server(s) 104 store in one or moresnapshots repositories 108. When a metadata server 104 deletes asnapshot 110, the keys 112 of that snapshot 110 are deleted. Themetadata server(s) 104, or some other part of the storage system 102,can communicate to the storage server(s) 106 as to which of the keys arestill valid and exist in the snapshots repository(s) 108, by using theprobabilistic data structure generator(s) 118, as further describedbelow. In turn, the storage server(s) 106 can use one or moreprobabilistic data structures, as generated by the probabilistic datastructure generator(s) 118, and one or more key testing modules 122(also referred to as a key query engine) to determine which keys 112held by the storage server(s) 106 are candidates for deletion. Upondeletion of keys 112, the storage server(s) 106 can recover storagememory 126 and other system resources formerly used by the data 128associated with the deleted keys 112. In some embodiments, a storageserver 106 has a resource recovery engine 130, which performs resourcerecovery. One or more key selectors 120 are used to filter the keys 112at both ends of these processes, for more efficient key handling in someembodiments.

FIG. 2 is an action diagram showing operation of the probabilistic datastructure generator 118 of FIG. 1 , and distribution of probabilisticdata structures 202. The metadata server 104 provides keys 112, forexample in a list, a series of messages or other communications, oraccess to snapshot(s) 110, to a probabilistic data structure generator118. The probabilistic data structure generator 118 could be implementedas a software module executing on one or more of the processors 116 (seeFIG. 1 ), in firmware or in hardware, or combinations thereof, and couldexist as a single entity used by multiple metadata servers 104, or eachmetadata server 104 could have probabilistic data structure generator118. Bloom filters are one suitable probabilistic data structure 202,but other data structures could be used. Selection of a type ofprobabilistic data structure 202, and programming or logic for theprobabilistic data structure generator 118, are implementation specific.Probabilistic data structures generally, and Bloom filters specifically,are compact representations. For example, a set of keys 112 could have32 bytes per key 112 while a Bloom filter with better than 1% accuracymight have less than one byte per key 112 represented in the Bloomfilter in some embodiments. Consequently, sending a probabilistic datastructure 202 from one location in a storage system 102 to one or morefurther locations in the storage system 102, or providing access to theprobabilistic data structure 202, consumes less communication bandwidthand system resources than would sending a list of all of the keys 112 ina set.

Based on the keys 112 fed into the probabilistic data structuregenerator 118, the probabilistic data structure generator outputs aprobabilistic data structure 202 that has properties useful to thestorage system 102. A Bloom filter constructed for members of a set hasthe property that testing whether an element is a member of the set, byquerying that Bloom filter, yields either the answer that the element isdefinitively not in the set, or the answer that the element is possiblyor likely in the set. Bloom filters can be tuned to affect the accuracyof the positive (i.e., possible or likely membership) answers, and alarger Bloom filter has generally a greater accuracy for a given set ofkeys. Larger Bloom filters are typically more accurate than smallerones, all other things being equal. False positives are possible, inthat the Bloom filter has a low probability of reporting an element is amember of a set when in fact it is not. However, false negatives are notpossible, in that the Bloom filter never reports that an element is nota member of the set when in fact it is. This property makes the Bloomfilter one suitable type of probabilistic data structure 202 generatedby the probabilistic data structure generator 118. As noted abovealternative probabilistic data structures besides a Bloom filter may beintegrated into the embodiments. The storage system 102 can reliablydelete or consider for deletion, a key 112 that a Bloom filter says isnot in the set of keys 112 for which the Bloom filter was constructed,without concern for deleting a key 112 and associated data 128 in astorage server 106 when the key 112 is still valid in a metadata server104 and therefore needed in a storage server 106.

In some embodiments, the storage system 102, or the metadata server 104originating a probabilistic data structure 202, can send theprobabilistic data structure 202 to one storage server 106, multiplestorage servers 106, or all of the storage servers 106 in the storagesystem 102. Selection of which storage server(s) 106 are destinationsfor a specific probabilistic data structure 202 is situation dependent.For example, a metadata server 104 that is deleting keys 112 of aspecific one or more snapshots that were performed on data in one ormore specific storage servers 106 could generate a probabilistic datastructure 202 based on remaining keys 112 in that metadata server 104and send that probabilistic data structure 202 to the one or morespecific storage servers 106. Those specific storage servers 106 couldthen apply that probabilistic data structure 202 in order to determinewhich keys 112 should be considered for deletion. The metadata server104 would not need to send that probabilistic data structure 202 toother storage servers 106. In some embodiments, in order to improveefficiency of distribution of probabilistic data structures 202, themetadata server(s) 104 track storage servers 106 when making snapshots,or backups, or performing other tasks involving keys 112. This supportsclassifying or grouping which probabilistic data structure 202 goes towhich storage server 106. For example, if a metadata server 104 is awarethat none of the keys 112 represented in a probabilistic data structure202 are on a specific storage server 106, then the metadata server 104does not need to send that probabilistic data structure 202 to thatstorage server 106. In the alternative, if the metadata server 104 knowsthat some of the keys 112 represented in a probabilistic data structure202 are on a specific storage server 106, then the metadata server 104could send the probabilistic data structure 202 to the storage server106. This applies to multiple metadata servers 104, and multiple storageservers 106, and further applies to merged probabilistic data structures202, as will be described with reference to FIG. 4 .

FIG. 3 is an action diagram showing operation of the key testing module122 of FIG. 1 , determining whether to keep or discard keys 112 based ontesting the keys with a probabilistic data structure 202. The keytesting module 122 is being used by or on behalf of one or more storageservers 106, which are storing keys 112 in association with data 128 ina storage memory 126. In various embodiments, each storage server 106could have a key testing module 122, or one or more key testing modules122 could be shared by one or more storage servers 106, etc. The storageserver 106 provides keys 112 to the key testing module 122, which teststhe keys 112 using the probabilistic data structure 202, e.g., asobtained from a metadata server 104. A decision action 302 in the keytesting module 122 determines whether the key 112 is found in theprobabilistic data structure 202. If the answer in the decision action302 is yes, it is likely that the key 112 is in the probabilistic datastructure 202 (see properties of the probabilistic data structure, asdiscussed regarding FIG. 2 ), the action 304 is performed, to keep thekey 112, i.e., to not discard the key 112. If the answer in the decisionaction 302 is no, the key 112 is not found in the probabilistic datastructure 202, the action 306 is performed, to consider the key 112 fordiscarding.

Referring to FIGS. 1-3 , in some embodiments, the metadata server 104 iscommunicating to the storage server 106 that the probabilistic datastructure 202 indicates which keys 112 are valid on the metadata server104, and provides permission to the storage server 106 to delete anykeys 112 that are not valid on the metadata server 104. The storageserver 106 further has permission to recover some of the storage memory126. It should be appreciated that this mechanism works even with keyswith different structures, or different types of keys, in the sameprobabilistic data structure 202. For example, some keys could relate todirectory structure and/or snapshot epoch, other keys could relate tofiles. Some embodiments use hash functions for keys 112, e.g., byapplying a hash function to subject matter to create a key 112.

FIG. 4 depicts a probabilistic data structure merger 402. There areknown techniques associated with merging skip lists and that steps ofthat method would be different than that of a Bloom Filter. For example,if the probabilistic data structures 202 are Bloom filters, two or moreBloom filters can be logical ORed together to merge them into one Bloomfilter. The two or more Bloom filters are identical in size, andgenerated with identical hash functions in some embodiments. There maybe an exception if one Bloom filter is exactly N times as big asanother, and they use the same hash functions. In such a case, N bits inthe larger Bloom filter correspond to a single bit in the smaller one,and a merged filter the size of the smaller one can be generated byORing together the N bits of the larger one with the correspondingsingle bit in the smaller one. The merged probabilistic data structure202 can be sent to one or more specific storage servers 106, as can oneor more of the originating probabilistic data structures 202. A mergedprobabilistic data structure 202, in this embodiment, has the propertyof reporting that a key 112 that is definitely not found in each of theoriginating probabilistic data structures 202 is also definitely notfound in the merged probabilistic data structure 202. Relatedly, themerged data structure 202 will report that a key that is likely found inone (or both) of the originating probabilistic data structures 202 isalso likely found in the merged probabilistic data structure 202. Aswith the scenario described with reference to FIG. 2 , operation of theprobabilistic data structure merger 402 and distribution of one or moreprobabilistic data structures 202 to one or more storage servers 106 issituation dependent. For example, a metadata server 104 that has createdtwo probabilistic data structures 202 after multiple key deletionoperations could merge the two probabilistic data structures 202 asdescribed above. The metadata server 104 could then send oneprobabilistic data structure 202 to a specific storage server 106 forwhich that probabilistic data structure 202 is relevant, anotherprobabilistic data structure 202 to another storage server 106 asrelevant, and the merged probabilistic data structure 202 to yet anotherstorage server 106 for which that merged probabilistic data structure202 is relevant. Differing merged combinations of probabilistic datastructures 202 could be applied at differing locations within thestorage system 102. Many permutations of the above are possible. Eachstorage server 106 tests keys 112 with the probabilistic data structure202 that is received by that storage server 106.

FIG. 5 is an action diagram showing operation of key selectors 504filtering keys 112 for the probabilistic data structure generator 118,and filtering keys 112 for the key testing module 122. This mechanismimproves upon the process of using a probabilistic data structure 202for consideration of key deletion, in that the set of keys 112 insertedinto the probabilistic data structure 202 is constrained. Constrainingthe keys 112 used in generating a probabilistic data structure 202, andsimilarly constraining the keys 112 tested with the probabilistic datastructure 202 for consideration of deletion, reduces the number of keysso applied and improves efficiency of the system in some embodiments. Akey selector 504 could be implemented as a software module, withprogramming executing on one or more processors 116 of the storagesystem 102, firmware, hardware, or combinations thereof. Use of keyselectors 504 is paired or coordinated between one or more metadataservers 104 and one or more storage servers 106, for greater efficiencyof the storage system 102. In some embodiments, each metadata server 104and each storage server 106 has a key selector 504, and in furtherembodiments one or more key selectors 504 are shared across variousresources. By applying an attribute 502 of a key 112 in a process ofselecting keys 112, the storage system 102 can filter out keys 112 thatare not relevant for production and usage of a specific probabilisticdata structure 202. The attribute 502 could be part of a key 112, orcould be an attribute 502 that is separate from the key 112 butotherwise associated.

For example, the attribute 502 could be a value of an epoch (e.g., aspecific time or time span, which may or may not be related in astraightforward manner to wall-clock time or calendar dates) for one ormore snapshots. The key selector 504 would select which keys 112 belongto that epoch, for generation of a specific probabilistic data structure202. The same or another key selector 504 would select keys 112belonging to that same epoch, for use in a key testing module 122equipped with the same probabilistic data structure 202, e.g., asreceived from a metadata server 104. By using one or more key selectors504 in this manner, the storage system 102 can more efficiently generateand use a probabilistic data structure 202, without having to putirrelevant keys 112 into the probabilistic data structure generator 112or the key testing module 122.

Continuing with reference to FIG. 5 , functioning of one or more keyselectors 504 starts with one or more metadata servers 104 providingkeys 112 that have or are associated with attributes 502. The metadataserver 104 communicates criteria to the key selector 504 and also to thestorage server 106, or the storage server 106 reuses the same keyselector 504 with the same criteria, in various embodiments. In afurther embodiment, the one or more key selectors 504 can determine thecriteria, e.g., by looking up a parameter or coordinating with themetadata server 104 and/or the storage server 106, etc. The key selector504 performs a decision action 506, to determine whether the attributeor attributes 504 of the key 112 meets the criteria, for each key 112provided to the key selector 504. For example, a function could beapplied to one or more attributes that deterministically provides a yesor no answer based on the attribute(s). If the answer to the decisionaction 506 is no, the attribute(s) 502 of the key 112 does not meet thecriteria then the resulting action 508 is to not use the key 112 in theprobabilistic data structure generator 118. If the answer to thedecision action 506 is yes, the attribute(s) 502 of the key 112 doesmeet the criteria, then the action 510 is to use that key 112 in theprobabilistic data structure generator 118. Using only the selected keys112, the probabilistic data structure generator 118 forms theprobabilistic data structure 202, which corresponds only to the selectedkeys 112 having the attribute(s) 502 that meet the criteria. Theresultant probabilistic data structure 202 is used in the key testingmodule 122. For example, the metadata server 104 could send theprobabilistic data structure 202 to a storage server 106 that is usingthe key testing module 122.

The storage server 106 provides keys 112 that have or are associatedwith attributes 502, to the same or another key selector 504. The keyselector 504 performs a decision action 506, to determine whether theattribute(s) 504 of the key 112 meets the criteria, for each key 112provided to the key selector 504. If the answer to the decision action506 is no, the attribute(s) 502 of the key 112 does not meet thecriteria then the resulting action 512 is to not use the key 112 in thekey testing module 122. If the answer to the decision action 506 is yes,the attribute(s) 502 of the key 112 does meet the criteria, then theaction 514 is to use that key 112 in the key testing module 122. Someembodiments employ a key selector 504 as a filter prior to theprobabilistic data structure generator 118, some embodiments employ akey selector 504 as a filter prior to the key testing module 122, someembodiments employ both, and some embodiments employ neither. In someembodiments, the storage server 106 does not consider any keys 112 thatwould not have been included in the probabilistic data structure 202created by the metadata server 104 and the probabilistic data structuregenerator 118 in order to avoid deleting a key that is still valid.

FIG. 6 is an action diagram showing keys 112 as candidates fordiscarding, with a decision 602 for discarding, postponement, or notdiscarding. This could be implemented in software executing on one ormore processors, e.g., as a software module, or firmware or hardware, orcombinations thereof. A key 112, in this scenario, has been determinedby the key testing module to be a candidate for discarding (e.g., as inthe action 306 in FIG. 3 ). The decision action 602 determines whetherit is okay to discard the key 112. For example, the decision action 602could consider system state or constraints, such as that the system istoo busy, a metadata server 104 is busy, a storage server 106 is busy,or the system resource or time cost to discard keys 112 at the presenttime would be too great and would result in undesirable or unacceptabledelays in data access time or other system operation, etc. The systemcould consider one or more predetermined conditions in the decisionaction 602, such as whether a storage server 106 is in a resourcerecovery mode (e.g., not “too busy”), a data read or data write mode(e.g., “too busy”), or is not currently reading or writing data (e.g.,not “too busy”). Other predetermined conditions to consider couldinclude whether a storage memory is involved in read or write access(e.g., “too busy”) or a backup run or snapshot is in progress (e.g.,“too busy”), or the system is otherwise idle and/or performingbackground tasks, or not. Yet another predetermined condition toconsider would be whether the number of keys 112 under consideration fordeletion is less than, equal to or greater than a predetermined number,as deleting a large number of keys 112 could be considered an expensivedeletion in terms of system resources or time cost. A time-slicing,multi-tasking, task bandwidth or other time or task-related algorithmcould be applied, with status relative to this algorithm being apredetermined condition for consideration. In some embodiments deletionrequests could be batched, since it could be easier to delete a largenumber of keys 112 at one time rather than deleting keys 112individually on demand. Discarding of one or more keys 112 could thus bepostponed and scheduled. If the outcome of the decision action 602 isyes, it is okay to discard a key 112 now, then the action 604 isperformed and the key 112 is discarded. In a further action 610,resources are reclaimed. For example, storage memory 126 of data 128associated with the now-deleted key 112 is dereferenced in the storageserver 106 and can be reclaimed and reused for further data storage. Ifthe outcome of the decision action 602 is no, it is not okay to discardthe key 112 now, then a decision action 606 determines whether topostpone discarding of the key 112. If the answer is no, do notpostpone, but it is still not okay to discard the key 112 now, then theaction 608 is performed, and the key is kept or not discarded. If theanswer is yes, postpone discarding of the key 112, then flow branchesback to the decision action 602, to loop until it is decided to discardthe key 112 or discontinue postponing and keep or not discard the key.In variations, some embodiments employ only the discarding decisionaction 602, some embodiments employ only the postponement decisionaction 606, some embodiments employ both, and some embodiments employneither. The action 610 for reclaiming resources could also bepostponed, in further embodiments. The flexibility provided by theembodiments enable the storage system 102 to decide to delete some keysnow, some later, recover some storage memory 126 now, some storagememory 126 later, etc.

FIG. 7 is a flow diagram of a method for deleting keys from a storagesystem, using a probabilistic data structure. The method can bepracticed in embodiments of the storage system, specifically by one ormore processors of the storage system. The method is general to varioussets of keys, and types of probabilistic data structures, and can bepracticed on keys that identify data, for example in snapshots orbackups in or associated with metadata servers, and on keys that areassociated with data, for example keys associated with data in storagememory in or associated with storage servers. In an action 702, keys areselected from a first set of keys. For example, a key selector couldselect keys based on conformity of attributes of the keys to criteria.In some embodiments, all of the keys in the first set of keys could beselected. In an action 704, a probabilistic data structure is generated,based on the selected keys from the first set of keys. For example, aBloom filter or other suitable probabilistic data structure could begenerated. In an action 706, keys are selected from a second set ofkeys. For example, a key selector could select keys based on conformityof attributes of the keys to criteria as mentioned above. In someembodiments, all of the keys in the second set of keys could beselected. In an action 708, the selected keys from the second set ofkeys are tested, using the probabilistic data structure. For example,the selected keys could be tested with a Bloom filter, as generated inthe action 704.

In a decision action 710, it is determined whether the key is found inthe probabilistic data structure. If the answer to the decision action710 is yes, the key is found in the probabilistic data structure, thenthe action 712 is performed, and the key is kept or not discarded. Ifthe answer to the decision action 710 is no, the key is not found in theprobabilistic data structure, then the action 714 is performed, and thekey is a candidate for deletion. In some embodiments the key may bedeleted immediately upon not being found in the probabilistic datastructure. Outcomes of the decision action are probabilistic, inaccordance with the use of a probabilistic data structure. As mentionedabove, use of a Bloom filter or other suitable probabilistic datastructure can give false positives, but no false negatives. Other typesof probabilistic data structures could have additional characteristicsto the ability to provide no false negatives.

It should be appreciated that the methods described herein may beperformed with a digital processing system, such as a conventional,general-purpose computer system. Special purpose computers, which aredesigned or programmed to perform only one function may be used in thealternative. FIG. 8 is an illustration showing an exemplary computingdevice which may implement the embodiments described herein. Thecomputing device of FIG. 8 may be used to perform embodiments of thefunctionality for generating and using probabilistic data structures forconsideration of key deletion in accordance with some embodiments. Thecomputing device includes a central processing unit (CPU) 801, which iscoupled through a bus 805 to a memory 803, and mass storage device 807.Mass storage device 807 represents a persistent data storage device suchas a disc drive, which may be local or remote in some embodiments. Themass storage device 807 could implement a backup storage, in someembodiments. Memory 803 may include read only memory, random accessmemory, etc. Applications resident on the computing device may be storedon or accessed via a computer readable medium such as memory 803 or massstorage device 807 in some embodiments. Applications may also be in theform of modulated electronic signals modulated accessed via a networkmodem or other network interface of the computing device. It should beappreciated that CPU 801 may be embodied in a general-purpose processor,a special purpose processor, or a specially programmed logic device insome embodiments.

Display 811 is in communication with CPU 801, memory 803, and massstorage device 807, through bus 805. Display 811 is configured todisplay any visualization tools or reports associated with the systemdescribed herein. Input/output device 809 is coupled to bus 805 in orderto communicate information in command selections to CPU 801. It shouldbe appreciated that data to and from external devices may becommunicated through the input/output device 809. CPU 801 can be definedto execute the functionality described herein to enable thefunctionality described with reference to FIGS. 1-7 . The code embodyingthis functionality may be stored within memory 803 or mass storagedevice 807 for execution by a processor such as CPU 801 in someembodiments. The operating system on the computing device may beMS-WINDOWS™, UNIX™, LINUX™, iOS™, CentOS™, Android™, Redhat Linux™,z/OS™, or other known operating systems. It should be appreciated thatthe embodiments described herein may also be integrated with avirtualized computing system implemented with physical computingresources.

Detailed illustrative embodiments are disclosed herein. However,specific functional details disclosed herein are merely representativefor purposes of describing embodiments. Embodiments may, however, beembodied in many alternate forms and should not be construed as limitedto only the embodiments set forth herein.

It should be understood that although the terms first, second, etc. maybe used herein to describe various steps or calculations, these steps orcalculations should not be limited by these terms. These terms are onlyused to distinguish one step or calculation from another. For example, afirst calculation could be termed a second calculation, and, similarly,a second step could be termed a first step, without departing from thescope of this disclosure. As used herein, the term “and/or” and the “/”symbol includes any and all combinations of one or more of theassociated listed items.

As used herein, the singular forms “a”, “an” and “the” are intended toinclude the plural forms as well, unless the context clearly indicatesotherwise. It will be further understood that the terms “comprises”,“comprising”, “includes”, and/or “including”, when used herein, specifythe presence of stated features, integers, steps, operations, elements,and/or components, but do not preclude the presence or addition of oneor more other features, integers, steps, operations, elements,components, and/or groups thereof. Therefore, the terminology usedherein is for the purpose of describing particular embodiments only andis not intended to be limiting.

It should also be noted that in some alternative implementations, thefunctions/acts noted may occur out of the order noted in the figures.For example, two figures shown in succession may in fact be executedsubstantially concurrently or may sometimes be executed in the reverseorder, depending upon the functionality/acts involved.

With the above embodiments in mind, it should be understood that theembodiments might employ various computer-implemented operationsinvolving data stored in computer systems. These operations are thoserequiring physical manipulation of physical quantities. Usually, thoughnot necessarily, these quantities take the form of electrical ormagnetic signals capable of being stored, transferred, combined,compared, and otherwise manipulated. Further, the manipulationsperformed are often referred to in terms, such as producing,identifying, determining, or comparing. Any of the operations describedherein that form part of the embodiments are useful machine operations.The embodiments also relate to a device or an apparatus for performingthese operations. The apparatus can be specially constructed for therequired purpose, or the apparatus can be a general-purpose computerselectively activated or configured by a computer program stored in thecomputer. In particular, various general-purpose machines can be usedwith computer programs written in accordance with the teachings herein,or it may be more convenient to construct a more specialized apparatusto perform the required operations.

A module, an application, a layer, an agent or other method-operableentity could be implemented as hardware, firmware, or a processorexecuting software, or combinations thereof. It should be appreciatedthat, where a software-based embodiment is disclosed herein, thesoftware can be embodied in a physical machine such as a controller. Forexample, a controller could include a first module and a second module.A controller could be configured to perform various actions, e.g., of amethod, an application, a layer or an agent.

The embodiments can also be embodied as computer readable code on atangible non-transitory computer readable medium. The computer readablemedium is any data storage device that can store data, which can bethereafter read by a computer system. Examples of the computer readablemedium include hard drives, network attached storage (NAS), read-onlymemory, random-access memory, CD-ROMs, CD-Rs, CD-RWs, magnetic tapes,and other optical and non-optical data storage devices. The computerreadable medium can also be distributed over a network coupled computersystem so that the computer readable code is stored and executed in adistributed fashion. Embodiments described herein may be practiced withvarious computer system configurations including hand-held devices,tablets, microprocessor systems, microprocessor-based or programmableconsumer electronics, minicomputers, mainframe computers and the like.The embodiments can also be practiced in distributed computingenvironments where tasks are performed by remote processing devices thatare linked through a wire-based or wireless network.

Although the method operations were described in a specific order, itshould be understood that other operations may be performed in betweendescribed operations, described operations may be adjusted so that theyoccur at slightly different times or the described operations may bedistributed in a system which allows the occurrence of the processingoperations at various intervals associated with the processing.

In various embodiments, one or more portions of the methods andmechanisms described herein may form part of a cloud-computingenvironment. In such embodiments, resources may be provided over theInternet as services according to one or more various models. Suchmodels may include Infrastructure as a Service (IaaS), Platform as aService (PaaS), and Software as a Service (SaaS). In IaaS, computerinfrastructure is delivered as a service. In such a case, the computingequipment is generally owned and operated by the service provider. Inthe PaaS model, software tools and underlying equipment used bydevelopers to develop software solutions may be provided as a serviceand hosted by the service provider. SaaS typically includes a serviceprovider licensing software as a service on demand. The service providermay host the software, or may deploy the software to a customer for agiven period of time. Numerous combinations of the above models arepossible and are contemplated.

Various units, circuits, or other components may be described or claimedas “configured to” perform a task or tasks. In such contexts, the phrase“configured to” is used to connote structure by indicating that theunits/circuits/components include structure (e.g., circuitry) thatperforms the task or tasks during operation. As such, theunit/circuit/component can be said to be configured to perform the taskeven when the specified unit/circuit/component is not currentlyoperational (e.g., is not on). The units/circuits/components used withthe “configured to” language include hardware—for example, circuits,memory storing program instructions executable to implement theoperation, etc. Reciting that a unit/circuit/component is “configuredto” perform one or more tasks is expressly intended not to invoke 35U.S.C. 112, sixth paragraph, for that unit/circuit/component.Additionally, “configured to” can include generic structure (e.g.,generic circuitry) that is manipulated by software and/or firmware(e.g., an FPGA or a general-purpose processor executing software) tooperate in manner that is capable of performing the task(s) at issue.“Configured to” may also include adapting a manufacturing process (e.g.,a semiconductor fabrication facility) to fabricate devices (e.g.,integrated circuits) that are adapted to implement or perform one ormore tasks.

The foregoing description, for the purpose of explanation, has beendescribed with reference to specific embodiments. However, theillustrative discussions above are not intended to be exhaustive or tolimit the invention to the precise forms disclosed. Many modificationsand variations are possible in view of the above teachings. Theembodiments were chosen and described in order to best explain theprinciples of the embodiments and its practical applications, to therebyenable others skilled in the art to best utilize the embodiments andvarious modifications as may be suited to the particular usecontemplated. Accordingly, the present embodiments are to be consideredas illustrative and not restrictive, and the invention is not to belimited to the details given herein, but may be modified within thescope and equivalents of the appended claims.

What is claimed is:
 1. A method, comprising: generating a data structureassociated with a first set of keys; identifying one or more storageservers of a storage system having at least one key of the first set ofkeys; and identifying one or more keys of a second set of keys ascandidates for deletion based on whether the one or more keys of thesecond set of keys are found in the data structure, the identifying theone or more keys responsive to transmitting the data structure to theone or more storage servers.
 2. The method of claim 1, furthercomprising one of: selecting keys for inclusion in the first set of keysby considering keys that share one or more criteria of the first set ofkeys.
 3. The method of claim 2, further comprising: considering keyssharing the one or more criteria from the second set of keys for lookupin the data structure.
 4. The method of claim 1, further comprising:postponing actual deletion of the one or more keys identified as thecandidate for deletion based on a predetermined condition.
 5. The methodof claim 1, further comprising: reclaiming system resources of thestorage system associated with a deleted key.
 6. The method of claim 1,further comprising: generating a further data structure based on a thirdset of keys, the further data structure merged with the data structure.7. The method of claim 1, wherein the data structure is configured todetermine whether a key tested with the data structure is a member ofthe first set of keys.
 8. A storage system, comprising: memory,configured to hold data and metadata, including keys that identify dataand keys associated with data; and one or more processors, configured toperform actions comprising: storing data, metadata, the keys associatedwith one of the data or the metadata in the memory; producing a datastructure associated with a first set of keys at a storage server of thestorage system; identifying one or more storage servers of the storagesystem having at least one key of the first set of keys; andtransmitting, to the one or more storage servers, the data structure,wherein transmitting the data structure causes the one or more storageservers to identify one or more keys of a second set of keys ascandidates for deletion based on whether the one or more keys of thesecond set of keys are found in the data structure.
 9. The storagesystem of claim 8, wherein the data structure is configured to determinewhether a key tested with the data structure is a member of the firstset of keys.
 10. The storage system of claim 8, wherein the actions ofthe one or more processors further comprise: populating the second setof keys with keys sharing at least one criterion from a further, largerset of keys.
 11. The storage system of claim 8, wherein the actions ofthe one or more processors further comprise: delaying deletion of theone or more keys based on a predetermined condition.
 12. The storagesystem of claim 8, wherein the actions of the one or more processorsfurther comprise: reclaiming system resources, including a portion ofthe memory, of the storage system associated with one or more deletedkeys.
 13. The storage system of claim 8, wherein the actions of the oneor more processors further comprise: merging the data structure and asecond data structure associated with a third set of keys to form athird data structure.
 14. A non-transitory computer-readable storagemedium including instructions that, when executed by one or moreprocessors, cause the one or more processors to: generating a datastructure associated with a first set of keys; identifying one or morestorage servers of the storage system having at least one key of thefirst set of keys; and identifying one or more keys of a second set ofkeys as candidates for deletion based on whether the one or more keys ofthe second set of keys are found in the data structure, the identifyingthe one or more keys responsive to transmitting the data structure tothe one or more storage servers.
 15. The computer-readable storagemedium of claim 14, further comprising one of: selecting keys forinclusion in the first set of keys by considering keys that share one ormore criteria of the first set of keys.
 16. The computer-readablestorage medium of claim 15, further comprising: considering keys sharingthe one or more criteria from the second set of keys for lookup in thedata structure.
 17. The computer-readable storage medium of claim 14,further comprising: postponing actual deletion of the one or more keysidentified as the candidate for deletion based on a predeterminedcondition.
 18. The computer-readable storage medium of claim 14, furthercomprising: reclaiming system resources of the storage system associatedwith a deleted key.
 19. The computer-readable storage medium of claim14, further comprising: generating a further data structure based on athird set of keys, the further data structure merged with the datastructure.
 20. The computer-readable storage medium of claim 14, whereinthe data structure is configured to determine whether a key tested withthe data structure is a member of the first set of keys.